U.S. and Britain accuse China-linked hackers of ‘malicious’ cyber campaigns, announce sanctions

LONDON — The U.S. and U.K. on Monday accused hackers linked to the Chinese state of being behind "malicious" cyber campaigns targeting political figures, in moves expected to stoke tensions with Beijing.

The British government also alleged that China-affiliated hackers were behind an attack that saw the data of millions of voters accessed.

"I can confirm today that Chinese state-affiliated actors were responsible for two malicious cyber campaigns targeting our democratic institutions and parliamentarians," British Deputy Prime Minister Oliver Dowden said in a speech to Parliament on Monday.

Dowden attributed a hack on the Electoral Commission, the independent agency tasked with setting standards for how U.K. elections should be run, to a China state-affiliated actor. The campaigns were said to have taken place between 2021 and 2022.

The attack was identified by the Electoral Commission in October 2022, but wasn't disclosed until last year. Hackers accessed the names and addresses of anyone in Britain registered to vote between 2014 and 2022, the Electoral Commission said in a 2023 public notice.

A spokesperson for the Chinese Embassy in the U.K. said allegations of China being behind cyberattacks in the U.K. were "completely fabricated and malicious slanders."

"We strongly oppose such accusations," the Chinese Embassy spokesperson told reporters at a press briefing Monday, according to an update that was posted on its website. "China has always firmly fought all forms of cyber attacks according to law."

Dowden said the U.K. believes China to be behind attempted reconnaissance on the email accounts of U.K. lawmakers in the summer of 2021. He accused the Chinese hacking group APT31 of being behind this attack.

Cybersecurity firm